Falhas do tipo CWE-862

7.077 resultados
CVE-2026-8407MEDIUMMissing authorization in the PAM module in Devolutions Server allows an authenticated user with a PAM license but no additional permissions EPSS 0.2%CVE-2025-64192MEDIUMWordPress XStore theme < 9.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-1169MEDIUMbirkir prime cross-site request forgeryEPSS 0.2%CVE-2026-24939MEDIUMWordPress Modula Image Gallery plugin <= 2.13.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-64285MEDIUMWordPress Premmerce Wholesale Pricing for WooCommerce plugin <= 1.1.10 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66069MEDIUMWordPress PPOM for WooCommerce plugin <= 33.0.16 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-1142MEDIUMPHPGurukul News Portal cross-site request forgeryEPSS 0.2%CVE-2026-24965MEDIUMWordPress Contest Gallery plugin <= 28.1.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-28103MEDIUMIncorrect access control in laskBlog v2.6.1 allows attackers to arbitrarily delete user accounts via a crafted request.EPSS 0.2%CVE-2025-14288MEDIUMGallery Blocks with Lightbox <= 3.3.0 - Missing Authorization to Authenticated (Contributor+) Plugin Settings ModificationEPSS 0.2%CVE-2026-4986MEDIUMWPForms Lite < 1.10.0.5 – Unauthenticated PayPal Webhook ForgeryEPSS 0.2%CVE-2026-24541MEDIUMWordPress Download After Email plugin <= 2.1.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-12133MEDIUMEPROLO Dropshipping <= 2.3.1 - Missing Authorization to Authenticated (Subscriber+) Tracking Data ModificationEPSS 0.2%CVE-2026-39485MEDIUMWordPress Youtube Embed Plus plugin <= 14.2.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-63079MEDIUMWordPress Live Copy Paste for Elementor plugin <= 1.5.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-64171HIGHMARIN3R: Cross-Namespace Vulnerability in the OperatorEPSS 0.2%CVE-2026-12515MEDIUMKatello: missing repository authorization in content_uploads exposes cross-product content existenceEPSS 0.2%CVE-2026-24947MEDIUMWordPress LA-Studio Element Kit for Elementor plugin < 1.5.6.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24544MEDIUMWordPress HD Quiz plugin <= 2.0.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39476MEDIUMWordPress User Feedback plugin <= 1.10.1 - Broken Access Control vulnerabilityEPSS 0.2%